/**
 * 
 */
package com.icbc.sso.client;

import java.util.ArrayList;
import java.util.List;

import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.json.JSONTokener;

import com.icbc.cte.base.CTEConstance;
import com.icbc.cte.base.TranFailException;
import com.icbc.ctp.core.IContext;
import com.icbc.ctp.core.annotations.Input;
import com.icbc.ctp.core.annotations.Output;
import com.icbc.ctp.core.impl.OperationStep;
import com.icbc.ctpdemo.signin.SigninRoleBean;
import com.icbc.ctpdemo.user.UserBean;

/**
 * TODO 类的描述：。 
 * <pre>
 *
 * </pre>
 *
 * <pre>
 * modify by lenovo on 2016-3-28
 *    fix->1.应用端校验sso用户是否合法（通过chr.doHttpRequest回调sso验证）  
 *         2.校验成功 从sso获取用户的信息 菜单信息 放到session中
 * </pre> 
 */
@Input(name = {"authToken", "itemIdx"}, type = {"java:java.lang.String", "java:java.lang.String"}, mustInput = {true, true}, isVariable = {true, true}, isArray = {false, false}, description = {"需要校验的token", "根菜单id"})
@Output(name = {"ssicFlag","menus", "Db_proc_flag", "Language", "DefaultRoleId", "user",
		"roleList" }, type = { "java:java.lang.String","java:java.lang.String","java:java.lang.String",
		"java:java.lang.String", "java:java.lang.String",
		"java:com.icbc.ctpdemo.user.UserBean", "java:java.util.List" }, isArray = {
		false,false, false, false, false, false, false }, description = { "","","", "", "", "", "" })
public class SSOAuthOpstep extends OperationStep {

	/* (non-Javadoc)
	 * @see com.icbc.ctp.core.impl.OperationStep#execute(com.icbc.ctp.core.IContext)
	 */
	@Override
	protected int execute(IContext context) throws TranFailException {
		String authToken=(String) context.getValueAt("authToken");
		String itemIdx=(String) context.getValueAt("itemIdx");
		if(authToken != null && !"".equals(authToken)){//参数合法
			CommonHttpRequest chr=new CommonHttpRequest();
			String SSOAPI=CTEConstance.getEnvProperty("SSOAPI");
			if(authToken.endsWith("@")){
				SSOAPI = CTEConstance.getEnvProperty("SSOAPI2");
				authToken = authToken.substring(0, authToken.length()-1);
			}
			String reMsg=chr.doHttpRequest(SSOAPI+"Token/verify/"+authToken+"/"+itemIdx, "GET", 300000, null, "UTF-8");
			System.out.println("SSO返回的验证信息："+reMsg);
			if(reMsg != null && !reMsg.trim().equals("")){
				try {
					JSONObject reJson=new JSONObject(new JSONTokener(reMsg));
					String code=reJson.getString("code");
					if("200".equals(code)){//验证成功
						JSONObject data=reJson.getJSONObject("data");
						context.setValueAt("Db_proc_flag", data.getString("Db_proc_flag"));
						context.setValueAt("Language", data.getString("Language"));
						context.setValueAt("DefaultRoleId", data.getString("DefaultRoleId"));
						context.setValueAt("ssicFlag", data.getString("ssicFlag"));
						JSONObject ju=data.getJSONObject("user");
						UserBean ub=new UserBean();
						
						/*"id": "100101",
			            "name": "管理员",
			            "branchId": "000001",
			            "branchLevel": "1",
			            "branchName": "顶级机构",
			            "regionId": "",
			            "netTerminal": "",
			            "privilegeAll": "1",
			            "privilegeSelf": "0",
			            "privilegeOther": "0"*/
						ub.setId(ju.getString("id"));
						ub.setName(ju.getString("name"));
						ub.setBranchId(ju.getString("branchId"));
						ub.setBranchLevel(ju.getString("branchLevel"));
						ub.setBranchName(ju.getString("branchName"));
						ub.setRegionId(ju.getString("regionId"));
						ub.setNetTerminal(ju.getString("netTerminal"));
						ub.setPrivilegeAll(ju.getString("privilegeAll"));
						ub.setPrivilegeSelf(ju.getString("privilegeSelf"));
						ub.setPrivilegeOther(ju.getString("privilegeOther"));
						context.setValueAt("user", ub);
						
						List<SigninRoleBean> li=new ArrayList<SigninRoleBean>();
						JSONArray roles=data.getJSONArray("roleList");
						if(roles != null && roles.length() > 0){
							JSONObject x=null;
							SigninRoleBean srb=null;
							for(int i=0,n=roles.length();i<n;i++){
								x=roles.getJSONObject(i);
								srb=new SigninRoleBean();
								srb.setId(x.getString("id"));
								srb.setName(x.getString("name"));
								li.add(srb);
							}
						}
						context.setValueAt("roleList", li);
						context.setValueAt("menus", reJson.getJSONArray("menus"));
					}
				} catch (JSONException e) {
					e.printStackTrace();
				}
			}
		}else{//参数不合法
			
		}
		return 0;
	}

}
